package com.zx.auth.block;

import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
import java.util.Base64;

/**
 * <p>
 * description: 用于本地生成配置的rsa 公私钥 <br>
 * create: 2025-10-12 23:51
 * </p>
 *
 * @author zhou  xun
 */
public class RSAKeyGenerator {
    public static void main(String[] args) throws Exception {
        // 生成RSA密钥对
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA");
        keyPairGenerator.initialize(2048);
        KeyPair keyPair = keyPairGenerator.generateKeyPair();

        System.out.println("公钥格式: " + keyPair.getPublic().getFormat()); // 通常输出 "X.509"
        System.out.println("私钥格式: " + keyPair.getPrivate().getFormat()); // 通常输出 "PKCS#8"
        System.out.println("公钥算法: " + keyPair.getPublic().getAlgorithm()); // 输出 "RSA"
        System.out.println("私钥算法: " + keyPair.getPrivate().getAlgorithm()); // 输出 "RSA"

        // 获取公钥和私钥
        PublicKey publicKey = keyPair.getPublic();
        PrivateKey privateKey = keyPair.getPrivate();

        // 获取公钥和私钥的字节数据
        byte[] publicKeyBytes = publicKey.getEncoded(); // X.509格式
        byte[] privateKeyBytes = privateKey.getEncoded(); // PKCS#8格式

        // 输出原始字节（以十六进制形式展示）
        System.out.println("=== 原始公钥字节（X.509格式） ===");
        System.out.println(bytesToHex(publicKeyBytes));

        System.out.println("\n=== 原始私钥字节（PKCS#8格式） ===");
        System.out.println(bytesToHex(privateKeyBytes));

        // 输出Base64编码后的结果
        String base64PublicKey = Base64.getEncoder().encodeToString(publicKeyBytes);
        String base64PrivateKey = Base64.getEncoder().encodeToString(privateKeyBytes);

        System.out.println("\n=== Base64编码后的公钥（X.509格式） ===");
        System.out.println(base64PublicKey);

        System.out.println("\n=== Base64编码后的私钥（PKCS#8格式） ===");
        System.out.println(base64PrivateKey);

        // 验证解码
        System.out.println("\n=== 验证解码 ===");
        byte[] decodedPublicKey = Base64.getDecoder().decode(base64PublicKey);
        byte[] decodedPrivateKey = Base64.getDecoder().decode(base64PrivateKey);

        System.out.println("公钥解码验证: " + java.util.Arrays.equals(publicKeyBytes, decodedPublicKey));
        System.out.println("私钥解码验证: " + java.util.Arrays.equals(privateKeyBytes, decodedPrivateKey));

        // 验证可以重新构造成KeySpec
        X509EncodedKeySpec publicKeySpec = new X509EncodedKeySpec(decodedPublicKey);
        PKCS8EncodedKeySpec privateKeySpec = new PKCS8EncodedKeySpec(decodedPrivateKey);

        System.out.println("公钥KeySpec构造验证: " + (publicKeySpec != null));
        System.out.println("私钥KeySpec构造验证: " + (privateKeySpec != null));
    }

    // 将字节数组转换为十六进制字符串
    private static String bytesToHex(byte[] bytes) {
        StringBuilder sb = new StringBuilder();
        for (byte b : bytes) {
            sb.append(String.format("%02x", b));
        }
        return sb.toString();
    }
}